allow non-seccomp setup for OverlayFS sandboxes

2 files changed, 2 insertions, 10 deletions

diff --git a/RELNOTES b/RELNOTES
index 79654e441..0f3f511bc 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -16,6 +16,7 @@ firejail (0.9.45) baseline; urgency=low
   * feature: config support for firejail prompt in terminals
   * feature: pass command line arguments to appimages
   * feature: --allow-private-blacklist option
+  * feature: allow non-seccomp setup for OverlayFS sandboxes
   * new profiles: xiphos, Tor Browser Bundle, display (imagemagik), Wire,
   * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma,
   * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator,
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 50fcd6ed0..493877db3 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -616,19 +616,10 @@ int sandbox(void* sandbox_arg) {
                         fs_trace_preload();
         }
         else 
-#endif          
+#endif
 #ifdef HAVE_OVERLAYFS
         if (arg_overlay)        {
                 fs_overlayfs();
-                // force caps and seccomp if not started as root
-                if (getuid() != 0) {
-                        enforce_filters();
-#ifdef HAVE_SECCOMP
-                        enforce_seccomp = 1;
-#endif
-                }
-                else
-                        arg_seccomp = 1;
         }
         else
 #endif